LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   relay postfix (http://www.linuxquestions.org/questions/linux-networking-3/relay-postfix-12273/)

SkYzOpReNiCk 01-21-2002 09:46 AM

relay postfix
 
Can someone could tell me how to relay with postfix?

Thanks

lfslinux 01-21-2002 02:09 PM

Re: relay postfix
 
Quote:

Originally posted by SkYzOpReNiCk
Can someone could tell me how to relay with postfix?

Thanks

What kidn of relaying are you talking about exactly? There are a few different ways to interpret it.

SkYzOpReNiCk 01-21-2002 09:32 PM

The idea is the following:

I have installed postfix with qpopper, the server is for hosting and e-mail services. the problem that I got is that I could receive e-mail from anyone. The problem is sending, If I try to send e-mail from a dialup account or diferent network that is not from the server, it always send me the error of relaying denied.

How I could chance it?

Thanks

:confused:

lfslinux 01-21-2002 09:49 PM

Quote:

Originally posted by SkYzOpReNiCk
The idea is the following:

I have installed postfix with qpopper, the server is for hosting and e-mail services. the problem that I got is that I could receive e-mail from anyone. The problem is sending, If I try to send e-mail from a dialup account or diferent network that is not from the server, it always send me the error of relaying denied.

How I could chance it?

Thanks

:confused:

Okay you need to tell postfix that the machine you are sending from is allowed to be a relay. To do this, postfix needs to know your IP address so it will allow your IP address to relay.

Now, there are a few ways of accomplishing this. The most common one is the so called pop-before-relay scheme, where you first download your email. The pop3 server you authenticate with stores your IP address in a database that postfix reads. If somebody tries to relay that database is accessed to see if it's an allowed IP address.

I developed a slightly different scheme called scp-before-relay. pop-before-relay doesn't work for me because I use ssh tunneling to get my email (port forwarding) as I don't like sending my password in plain text. With port forwarding the pop3 server thinks I'm logging in from the server itself (localhost) so it doesn't know my ip address still.

So how does my method work: every few minutes my machine sends a file by scp to the server into my home directory over there that contains my workstation's IP address. The server will check if a new file exists every few minutes and updates the postfix database accordingly if the IP address was changed. If my workstation doesn't upload a new file for more than 10 minutes, the relay authorization is removed (it means that my workstation can't reach the server, probably disconnected or network disruption, so we don't want somebody else being able to take my IP and take over. Those chances are slim, but better safe than sorry).

The full explanation + how to set it up can be read at http://hints.linuxfromscratch.org/hi...fore-relay.txt

SkYzOpReNiCk 01-22-2002 10:16 AM

Well Thanks for the help, but this is not going to work. Because all the users are going to access by Dialup to another ISP, so I need to give them to relay all those guys, how I'm going to know which ip address they came from. :confused: :confused: :cry:

lfslinux 01-22-2002 10:32 AM

Quote:

Originally posted by SkYzOpReNiCk
Well Thanks for the help, but this is not going to work. Because all the users are going to access by Dialup to another ISP, so I need to give them to relay all those guys, how I'm going to know which ip address they came from. :confused: :confused: :cry:
Make sure they don't try to use ssh tunneling, port forwarding and so on, then you can simply use the pop-before-relay scheme. The server will know which IP they come from as long as they "check for new mail" before they try to send it. The pop3 server needs to be patched (qpopper patch available, see links at bottom of this post) to log IP addresses of people who login to the server. Qpopper will save this IP address in a file, and this file is read by postfix when a relay attempt is made.

If the person attempting to relay has his/her IP address in that file, he'll be allowed to use postfix as a relay server.

That really is the best way for this kind of dynamic IP allocation.

Start reading http://www.postfix.org/faq.html#mobile

and
http://mail.cc.umanitoba.ca/drac/

Oh, I totally forgot: you can try working with SMTP authorization. It works quite simple as long as people's email clients support this. Before they send mail to your server they login to the smtp server first. If the username and password are accepted, they'll be authorized to use the server as a relay.

Postfix has support for this. Read the HOWTO at
http://www.thecabal.org/~devin/postfix/smtp-auth.txt


All times are GMT -5. The time now is 06:22 AM.